
1. \A method comprising: 
collecting entropy data; 
storing theWtropy data in a nonvolatile memory; 

updating theNentropy data stored in the nonvolatile memory with newly 
collected entropy data;Vnd 

generating a stringy of random bits from the entropy data stored in the 
nonvolatile memory. 



2. A method as recitedNjn claim 1 wherein the entropy data is collected 
from multiple sources. 

3. A method as recited in claim 1 wherein the entropy data is collected 
from multiple sources within a computer system. 

4. A method as recited in claim 1 wherein the entropy data includes data 
related to a processor in a computer system. 

5. A method as recited in claim 1 wherein thk entropy data includes data 
related to an operating system executing on a computer system. 



6. A method as recited in claim 1 wherein the entropy^data is maintained 
in a protected portion of an operating system kernel. 
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method as recited in claim 1 wherein the method is executing on a 
system and theWtropy data is inaccessible by an application program executing 
on the system. 



8. A methoM as recited in claim 1 wherein generating a string of random 
bits includes hashing tha entropy data to generate random seed data. 



9. A method as rfecited in claim 1 wherein updating the entropy data 
stored in the nonvolatile memory includes collecting new entropy data at periodic 
intervals. 



10. A method as recited imclaim 1 further including communicating the 
string of random bits to an application program requesting a random number. 



n) 



11. One or more computer-readable memories containing a computer 
program that is executable by a processor t\perform the method recited in claim 
1. 



12. A method comprising: 
receiving a request for a random number; 
retrieving entropy data from a nonvolatile memory device/ wherein the 
entropy data is regularly updated with newly collected entroby data;^ 
hashing the entropy data to create random seed data; 
generating a string of random bits from the random seed &ata; and 
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J y^communicating the string of random bits to the requester of the random 
nUmber. 



13. Av method as recited in claim 12 wherein the entropy data is 
collected from multiple sources within a computer system. 

14. A method as recited in claim 12 wherein the entropy data includes 



data related to a state of a processor in a computer system and data related to a 
state of an operating system executing on the computer system. 



15. A method as recifted in claim 12 wherein the entropy data is 
maintained in a protected portion of^n operating system kernel. 



16. A method as recited in claim 12 wherein the random seed data is 
maintained in a protected portion of an operating system kernel. 



17. A method as recited in claim 12 ^herein the entropy data is 
inaccessible by the requester of the random number. 

v -i ) i 

18. One or more computer-readable memories containing a computer 
program that is executable by a processor to perform the method recited in claim 
12. 
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/ 19- \ method compnsing: 
collecting Wtropy data; 

storing the entropy data in a protected portion of an operating system 
kernel; and 

generating a string N of random bits based on the entropy data. 



20. A method as recited in claim 19 wherein the entropy data is 
collected from multiple sources. 

21. A method as recited in\plaim 19 wherein the entropy data is 
inaccessible by an application program. 
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22. A method as recited in claim 19 further comprising updating the 
entropy data with newly collected entropy data. 

23. A method as recited in claim 19 further comprising communicating 
the string of random bits to an application program requesting \random number. 

24. One or more computer-readable memories containing a computer 
program that is executable by a processor to perform the method recite^ in claim 
19. 
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25. Mn apparatus comprising: 

a nonvolatile memory configured to store entropy data, (wherein the entropy 

\ ^ 
data stored in the nonvolatile memory is updated regularly; and 



iirrib 



f 



a random number generator coupled to the nonvolatile memory, wherein 
the random number generator utilizes the entropy data stored in the nonvolatile 
memory to generate stringkof random bits. 



26. An apparatus as\recited in claim 25 wherein the entropy data is 
collected from multiple sources. 

27. An apparatus as recite^ in claim 25 wherein the entropy data is 
updated at periodic intervals. 

28. An apparatus as recited in olaim 25 wherein the entropy data is 
maintained in a protected portion of an operating system kernel such that the 
entropy data is inaccessible by an application program. 

29. An apparatus as recited in claim 25 wherein the entropy data 
includes data related to a processor in a computer system and an operating system 
executing on the computer system. 



30. An apparatus as recited in claim 25 wherein\the random number 
generator hashes the entropy data to generate random seed data. 
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31. t An apparatus as recited in claim 25 further including a timer 
coupled to theyrandom number generator, the timer indicating when to update the 
entropy data stored in the nonvolatile memory device. 



32. One ok more computer-readable media having stored thereon a 
computer program that, >vhen executed by one or more processors, causes the one 
or more processors to: 

collect entropy data frofri multiple sources; 

store the collected entropy^data in a nonvolatile memory; 

update the entropy data sltpred in the nonvolatile memory with newly 
collected entropy data; and 

produce a string of random fyts from the entropy data stored in the 
nonvolatile memory. 

33. One or more computer-readable media as recited in claim 32 
wherein the entropy data includes data related to\ state of one or more processors. 

34. One or more computer-readable media as recited in claim 32 
wherein the entropy data is maintained in a protectee! portion of an operating 
system kernel. 

35. One or more computer-readable media as recited in claim 32 
wherein the entropy data includes data related to a state of an operating system 
executing on a computer system. 
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36.\^One or more computer-readable media as recited in claim 32 
'wherein to produceV&tring of random bits from the entropy data, the one or more 
processors hash the entropy cDlta^to generate random seed data. 



37. One or more computer-readabtevmedia as recited in claim 32 
wherein the entropy data stored in the nonvolatile membi^is updated with newly 
collected entropy data at periodic intervals. 
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